Community discussions

 
tr00g33k
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 84
Joined: Sun Mar 29, 2015 3:58 pm

MikroTik, Cisco and QinQ

Sat Feb 18, 2017 12:11 pm

Hello, i would like to achieve something like this if i even imagine this correctly. I have some network with mostly C2960 switches, that does not support 802.1QinQ. And have some MikroTiks on the edges where i could configure this. But i still have to get vlans through 2960`s without 802.1QinQ support.

So in short what i would like to achieve, get 3 vlans from cusomter(800,801,802) "pack them" in one vlan on CCR (Vlan15) send them through C2960 network, on RB3011 "unpack" vlans 800,801,802 from vlan 15, and send them to customer like vlans 800,801,802

The diagram looks something like this:

Image

Cisco 881 Fa4 ==> Fa0/1 C2960-sw1 Fa0/2 ==> Eth 5 CCR1016 Eth 6 ==> Fa0/1 C2960-sw2 Fa 0/2 ==> Eth1 RB3011 Eth2 ==> Fa1 C2960-sw2customer,......

This is how I imagine doing this, but it doesnt work for me, could someone please help me out how to do it properly, or if I`am even on correct path to do this.

Cisco 881 configuration:
interface fa4.800
encaps dot1q 800
ip add 192.168.80.1 255.255.255.0
interface fa4.801
encaps dot1q 801
ip add 192.168.81.1 255.255.255.0
interface fa4.802
encaps dot1q 802
ip add 192.168.82.1 255.255.255.0
Cisco 2960 sw1:
interface fa 0/1
sw mod tr
sw tr enc dot1q
sw tr all vl 800,801,802

interface fa 0/2
sw mod tr
sw tr enc dot1q
sw tr all vl 800,801,802
MikroTik CCR1016:
/interface vlan add name=Vlan800 vlan-id=800 interface=eth5
/interface vlan add name=Vlan801 vlan-id=801 interface=eth5
/interface vlan add name=Vlan802 vlan-id=802 interface=eth5

/interface vlan add name=Vlan15 vlan-id=15 interface=Eth6

/interface vlan add name=Vlan800-vl15 vlan-id=800 interface=Vlan15
/interface vlan add name=Vlan801-vl15 vlan-id=801 interface=Vlan15
/interface vlan add name=Vlan802-vl15 vlan-id=802 interface=Vlan15

/interface bridge add name=Vl800-bridge
/interface bridge add name=Vl801-bridge
/interface bridge add name=Vl802-bridge

/interface bridge port add interface=Vlan800-vl15 bridge=Vl800-bridge
/interface bridge port add interface=Vlan800 bridge=Vl800-bridge

/interface bridge port add interface=Vlan801-vl15 bridge=Vl801-bridge
/interface bridge port add interface=Vlan801 bridge=Vl801-bridge

/interface bridge port add interface=Vlan802-vl15 bridge=Vl802-bridge
/interface bridge port add interface=Vlan802 bridge=Vl802-bridge

Cisco2960-sw2:
int fa 0/1
sw mod tr
sw tr enc dot1q
sw tr all vl 15

int fa 0/2
sw mod tr
sw tr enc dot1q
sw tr all vl 15
MikroTik RB3011
/interface vlan add name=Vlan15 vlan-id=15 interface=eth1

/interface vlan add name=Vlan800-vl15 vlan-id=800 interface=Vlan15
/interface vlan add name=Vlan801-vl15 vlan-id=801 interface=Vlan15
/interface vlan add name=Vlan802-vl15 vlan-id=802 interface=Vlan15

/interface vlan add name=Vlan800 vlan-id=800 interface=Eth2
/interface vlan add name=Vlan801 vlan-id=801 interface=Eth2
/interface vlan add name=Vlan802 vlan-id=802 interface=Eth2

/interface bridge add name=Vl800-bridge
/interface bridge add name=Vl801-bridge
/interface bridge add name=Vl802-bridge

/interface bridge port add interface=Vlan800-vl15 bridge=Vl800-bridge
/interface bridge port add interface=Vlan800 bridge=Vl800-bridge

/interface bridge port add interface=Vlan801-vl15 bridge=Vl801-bridge
/interface bridge port add interface=Vlan801 bridge=Vl801-bridge

/interface bridge port add interface=Vlan802-vl15 bridge=Vl802-bridge
/interface bridge port add interface=Vlan802 bridge=Vl802-bridge

Cisco2960 sw2-cusomter:
int fa 0/1
sw mod tr
sw enc dot1q
sw tr all vl 800,801,802
And from here on the customer can do anything they want with their vlans.
 
User avatar
IPANetEngineer
Trainer
Trainer
Posts: 1053
Joined: Fri Aug 10, 2012 6:46 am
Location: Jackson, MS, USA
Contact:

Re: MikroTik, Cisco and QinQ

Mon Feb 20, 2017 11:59 pm

Your config looks correct and is exactly what i do when I want to deploy Q-in-Q in RouterOS.

http://wiki.mikrotik.com/wiki/Manual:In ... LAN#Q-in-Q

My guess is that maybe the 2960 sees the extra tags and isn't passing them through like a "dumb" switch would. You might try increasing L2 MTU through the cisco switch as well. If possible you could also put a dumb switch in between the two Mikrotiks and see if your config starts working - then you'l know the 2960 is causing an issue.

You could try turning on the S-tag on VLAN 15 on each side also.
Global - MikroTik Support & Consulting - English | Francais | Español | Portuguese +1 855-645-7684
https://iparchitechs.com/services/mikro ... l-support/ mikrotiksupport@iparchitechs.com
 
tr00g33k
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 84
Joined: Sun Mar 29, 2015 3:58 pm

Re: MikroTik, Cisco and QinQ

Wed Feb 22, 2017 7:07 pm

Thank you for giving me back hope :) I tried one more time the same configuration diffrent cisco switch, works perfect, exactly the same configuration. I was testing this on some old Cisco switch. Than i put the same configuration on production networks, works like it was intended to work.
 
User avatar
IPANetEngineer
Trainer
Trainer
Posts: 1053
Joined: Fri Aug 10, 2012 6:46 am
Location: Jackson, MS, USA
Contact:

Re: MikroTik, Cisco and QinQ

Sat Feb 25, 2017 3:10 am

Glad you figured it out! Might want to change the title to SOLVED :-)
Global - MikroTik Support & Consulting - English | Francais | Español | Portuguese +1 855-645-7684
https://iparchitechs.com/services/mikro ... l-support/ mikrotiksupport@iparchitechs.com

Who is online

Users browsing this forum: No registered users and 15 guests